package ctn.web.home.controller;

import java.io.Writer;
import java.util.HashSet;
import java.util.Set;

import javax.servlet.http.Cookie;
import javax.servlet.http.HttpServletRequest;
import javax.servlet.http.HttpServletResponse;

import org.springframework.beans.factory.annotation.Autowired;
import org.springframework.stereotype.Controller;
import org.springframework.web.bind.annotation.RequestMapping;
import org.springframework.web.servlet.ModelAndView;

import ctn.contant.UserConstant;
import ctn.contant.WebConstant;
import ctn.event.CTNEventResetPWD;
import ctn.hibernate.po.CtnLinkEvent;
import ctn.hibernate.po.CtnUser;
import ctn.hibernate.po.CtnUserMsgParm;
import ctn.service.dto.CTNUserDTO;
import ctn.service.inteface.UserService;
import ctn.util.CPAUtil;
import ctn.util.CTNUserUtil;
import ctn.util.SecurityUtil;

@Controller
public class UserController {
	@Autowired
	private UserService userService;
	@Autowired
	private CPAUtil cpaUtil;
	@RequestMapping(value="/userLogin")
	public ModelAndView wplug(HttpServletRequest request,
			HttpServletResponse response) throws Exception{
		String sCode = request.getParameter("sCode");
		boolean isforget = Boolean.valueOf(request.getParameter("forget"));
		boolean resetPass = Boolean.valueOf(request.getParameter("resetPass"));
		Writer out = response.getWriter();
		//验证码校验
		if(null!=sCode){
			String vCode = (String)request.getSession().getAttribute("validateCode");
			if(sCode.toLowerCase().equals(vCode.toLowerCase()))
				out.write("0");
			else
				out.write("1");
			out.flush();
		}else if(isforget){
			//忘记密码
			String username = request.getParameter("username");
			String email = request.getParameter("email");
			CTNUserDTO uv = new CTNUserDTO();
			uv.setUserName(username);
			uv.setEmail(email);
			CTNUserDTO uv1 = userService.forgetPass(uv);
			if(null!=uv1){
				String newPasword=cpaUtil.getUUID().substring(0,6);
				String encodePwd = new String(SecurityUtil.encode(newPasword, UserConstant.USER_SECURITY_KEY_DEFAULT));
				CTNEventResetPWD resetPwd=new CTNEventResetPWD(encodePwd,username);
				CtnLinkEvent event= cpaUtil.genEvent(resetPwd);
				String link=cpaUtil.genLink(String.valueOf(uv1.getID()), event);
				Set<CtnUserMsgParm> parms=new HashSet<CtnUserMsgParm>();
		    	parms.add(new CtnUserMsgParm("LN",link));
		    	parms.add(new CtnUserMsgParm("NP",newPasword));
		    	cpaUtil.genMsg( 7L,uv1.getID(), parms);
				out.write("0");
			}
			else
				out.write("1");
			out.flush();
		}else if(resetPass){ 
			//重置密码
			String username = request.getParameter("username");
			String newPass = request.getParameter("newPass");
			CTNUserDTO uv = new CTNUserDTO();
			uv.setUserName(username);
			uv.setPassword(newPass);
			CTNUserDTO uv1 = userService.resetPass(uv);
			//存入session
			CtnUser user =userService.getCtnUser(uv1);
			request.getSession().setAttribute(WebConstant.USER, user);
		}else{
		//用户登录
		String username = request.getParameter("username");
		String password = request.getParameter("password");
		boolean iscookie  = Boolean.valueOf(request.getParameter("cookie"));
		CTNUserDTO uv = new CTNUserDTO();
		uv.setUserName(username);
		uv.setPassword(password);
		CTNUserDTO ent_uv = userService.doLogin(uv);
		boolean isUser = ent_uv!=null?true:false;
		if(isUser){
			CtnUser user =userService.getCtnUser(ent_uv);
			request.getSession().setAttribute(WebConstant.USER, user);
			request.getSession().removeAttribute("validateCode");
			if(iscookie){
				//加密用户名存入cookie
				String cuName_h = SecurityUtil.encode(WebConstant.USER_COOKIE_NAME,WebConstant.USER_SECURITY_KEY_COOKIE);
				String cuName = SecurityUtil.encode(uv. getUserName(), WebConstant.USER_SECURITY_KEY_COOKIE);
				Cookie cookie_n = new Cookie(cuName_h,cuName);
				cookie_n.setMaxAge(WebConstant.USER_COOKIE_MAXAGE);
				cookie_n.setPath("/");
				
				//加密密码
				String cuPass_h = SecurityUtil.encode(WebConstant.USER_COOKIE_PASS,WebConstant.USER_SECURITY_KEY_COOKIE);
				String cuPass = SecurityUtil.encode(uv.getPassword(), WebConstant.USER_SECURITY_KEY_COOKIE);
				Cookie cookie_p = new Cookie(cuPass_h,cuPass);
				cookie_p.setMaxAge(WebConstant.USER_COOKIE_MAXAGE);
				cookie_p.setPath("/");
				
				if(null ==((HttpServletRequest)request).getSession().getAttribute("ck_user")&&null==((HttpServletRequest)request).getSession().getAttribute("ck_pass")){
					request.getSession().setAttribute("ck_user", cuName_h);
					request.getSession().setAttribute("ck_pass", cuPass_h);
				}
				
				response.addCookie(cookie_n);
				response.addCookie(cookie_p);
			}
			out.write("0");
		}
		else
			out.write("1");
		
		out.flush();
		}
		return null;
	}
	@RequestMapping(value="/main/resetpwd")
	public ModelAndView resetpwd(HttpServletRequest request,
			HttpServletResponse response) throws Exception{
		ModelAndView mv=new ModelAndView("index/reset_password");
		return mv;
	}
}
